<?php 
require_once 'common/common.inc.php';

$replace = array("","","","");
$search = array("voornaam","achternaam","email","e-mail");

if (isset($_REQUEST["email"])) {

  $email = trim(str_ireplace($search,$replace,$_REQUEST["email"]));
  $name1 = trim(str_ireplace($search,$replace,$_REQUEST["name1"]));
  $gender = isset($_REQUEST["gender"]) ? $_REQUEST["gender"] : null;

  $errorMessage = "Helaas, jouw bedrijf heeft zich nog niet aangemeld bij RedJeZaterdag. ";
  $errorMessage .= "Controleer of je e-mail adres goed gespeld is. Als dat het geval is ";
  $errorMessage .= "meldt je dan aan bij ons om contact op te nemen met jouw bedrijf om ook ";
  $errorMessage .= "snel de kapper op het werk te krijgen.";

  if ((strlen($email) == 0) || (strpos($email,"@") == false))
  {
    $error = $errorMessage;
  }
  else 
  {
    deleteOldReservations();
  
    $extensie = strtoupper(substr($email,strpos($email,"@")+1,strlen($email)-strpos($email,"@")-1));

    // retrieve company code     
    conn();
    $sqlIsSet = "SELECT UPPER(c.CODE) AS CODE ";
    $sqlIsSet .= "FROM COMPANIES c ";
    $sqlIsSet .= "INNER JOIN EMAILS e ON e.COMPANY_CODE = c.CODE ";
    $sqlIsSet .= "WHERE ( UPPER(e.EMAIL) = UPPER('$extensie') ";
    $sqlIsSet .= "     OR UPPER(e.EMAIL) = UPPER('".mysql_escape($email)."') ) ";
    //echo $sqlIsSet;
    $result = mysql_query($sqlIsSet);
    if (!$result) {die('Could not exec query sqlIsSet: ' . mysql_error());}
    $row = mysql_fetch_array($result, MYSQL_ASSOC);
    $company_code = (!isset($row["CODE"]) || $row["CODE"] == null) ? "" : $row["CODE"];
    close();
    
    if (strlen($company_code) == 0) 
    {
      $error = $errorMessage;
    }
    else 
    {
      // open db
      conn();

      // sign in     
      $sqlInsertSignIn = "INSERT INTO SIGN_INS(EMAIL, SESSION_ID, COMPANY_CODE, IP_ADRES) ";
      $sqlInsertSignIn .= " values ";
      $sqlInsertSignIn .= "('".mysql_escape($email)."','$session_id','".mysql_escape($company_code)."','".mysql_escape($ip_adres)."')";
      $result = mysql_query($sqlInsertSignIn);
      if (!$result) {	die('Could not exec query sqlInsertSignIn: ' . mysql_error()); } else { $success = true; }
      $idSignIn = mysql_insert_id();
      
      // update cookie 
      $sqlUpdateCookie = "UPDATE COOKIES SET EMAIL = '".mysql_escape($email)."' WHERE ID = '$cookie_id'";
      //echo $sqlUpdateCookie;
      $result = mysql_query($sqlUpdateCookie);
      if (!$result) {	die('Could not exec query sqlUpdateCookie: ' . mysql_error()); } else { $success = true; }
      
      // save name      
      $sqlCustomers = "SELECT ID, NAME1, GENDER FROM CUSTOMERS WHERE UPPER(EMAIL) = UPPER('".mysql_escape($email)."') ";
      $result = mysql_query($sqlCustomers);
      if (!$result) {die('Could not exec query sqlCustomers: ' . mysql_error());}
      $row = mysql_fetch_array($result, MYSQL_ASSOC);
      if (isset($row["ID"]) && $row["ID"] != null) {
        $customerId = $row["ID"];
        $sqlUpdateCustomers = "UPDATE CUSTOMERS ";
        $sqlUpdateCustomers .= "SET NAME1 = '".mysql_escape($name1)."', EMAIL = '".mysql_escape($email)."', GENDER = '$gender' ";
        $sqlUpdateCustomers .= "WHERE ID = '$customerId' ";
        //echo $sqlUpdateCustomers;
        $result = mysql_query($sqlUpdateCustomers);
        if (!$result) {	die('Could not exec query sqlUpdateCustomers: ' . mysql_error()); } else { $success = true; }
        
      } else {
        $sqlInsertCustomers = "INSERT INTO CUSTOMERS(EMAIL, NAME1) ";
        $sqlInsertCustomers .= "VALUES ('".mysql_escape($email)."', '".mysql_escape($name1)."') ";
        $result = mysql_query($sqlInsertCustomers);
        if (!$result) {	die('Could not exec query sqlInsertCustomers: ' . mysql_error()); } else { $success = true; }
        $customerId = mysql_insert_id();
      }
      $_SESSION["EMAIL"] = $email;
      $_SESSION["NAME1"] = $name1;
      $_SESSION["GENDER"] = $gender;
      $_SESSION["COMPANY_CODE"] = $company_code;

      // close db  
      close();
      
      if ($success) 
      {
        $_SESSION["LOGGED_OUT"] = false;
        if (isset($name1) && $name1 != null) { echo $name1." (".$email.") "; } else { echo $email;} 
      } 
      else 
      {
        $error = $generalErrorMessage;
      }      
    }
  }
} 

if (isset($error)) {
  echo '<span class="error">'.$error.'</span>';
}

?>
